Senior Associate - Attack Surface Reduction

Attack Surface Reduction Senior Associate

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).
• Support the identification, assessment, and reduction of externally exposed assets and vulnerabilities across the enterprise perimeter.
• Partner with technology, infrastructure, and security teams to support remediation planning and execution for edge and external-facing assets.
• Analyze attack surface and vulnerability data to help prioritize exposure reduction efforts.
• Track remediation actions, risks, and outcomes to ensure timely follow-through and transparency.
• Develop working knowledge of perimeter technologies, external-facing platforms, and defensive security controls.
• Support vulnerability management lifecycle activities related to external threats, including validation, analysis, and closure tracking.
• Contribute to metrics, dashboards, and reporting that demonstrate attack surface reduction progress and effectiveness.
• Assist with the creation and maintenance of documentation such as policies, procedures, standards, and job aids.
• Participate in responses to security incidents related to external threats and vulnerabilities, as required

The impact you will have in this role:

Security Integrations and Exposure Management within IT Cybersecurity and Platform Strategy proactively identifies and mitigates security threats and vulnerabilities across the enterprise. The team supports defensive security programs through continuous monitoring, assessment, and response to emerging cyber risks.

The Attack Surface Reduction Senior Associate supports the Edge Zero initiative by helping identify, assess, and reduce externally exposed assets and vulnerabilities. This role works closely with perimeter technology and platform owners to support remediation of external exposure risks through analysis, coordination, tracking, and reporting.

Your Primary Responsibilities:

• Support the identification, assessment, and reduction of externally exposed assets and vulnerabilities across the enterprise perimeter.
• Partner with technology, infrastructure, and security teams to support remediation planning and execution for edge and external-facing assets.
• Analyze attack surface and vulnerability data to help prioritize exposure reduction efforts.
• Track remediation actions, risks, and outcomes to ensure timely follow-through and transparency.
• Develop working knowledge of perimeter technologies, external-facing platforms, and defensive security controls.
• Support vulnerability management lifecycle activities related to external threats, including validation, analysis, and closure tracking.
• Contribute to metrics, dashboards, and reporting that demonstrate attack surface reduction progress and effectiveness.
• Assist with the creation and maintenance of documentation such as policies, procedures, standards, and job aids.
• Participate in responses to security incidents related to external threats and vulnerabilities, as required

**NOTE:  The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Minimum of 7 years of experience 
• Bachelors’ Degree and/or equivalent experience

Talents Needed for Success:

• Minimum of 6 years of related experience in cybersecurity, vulnerability management, attack surface management, or technology risk.
• Bachelor’s degree preferred or equivalent practical experience.
• Working knowledge of external attack surface concepts, vulnerability management practices, and perimeter security controls.
• Experience analyzing vulnerability or exposure data and supporting remediation efforts.
• Strong organizational, analytical, and communication skills with the ability to work across teams.
• Any tools exp in vulnerability or attack surface - ProjectDiscovery, rapid7

Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation

 

Experience Level

Senior Level